From patchwork Mon Feb 10 08:33:42 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Chris Moore <cmoore@hanoverdisplays.com>
X-Patchwork-Id: 56957
Return-Path: <cmoore@hanoverdisplays.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 8573AC02198
	for <webhook@archiver.kernel.org>; Mon, 10 Feb 2025 08:33:56 +0000 (UTC)
Received: from LO3P265CU004.outbound.protection.outlook.com
 (LO3P265CU004.outbound.protection.outlook.com [52.101.196.143])
 by mx.groups.io with SMTP id smtpd.web11.46186.1739176429945530661
 for <openembedded-core@lists.openembedded.org>;
 Mon, 10 Feb 2025 00:33:50 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@hanoverdisplays.com header.s=selector2 header.b=CbDRHA2T;
 spf=pass (domain: hanoverdisplays.com, ip: 52.101.196.143,
 mailfrom: cmoore@hanoverdisplays.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=mBbrUDBFiYECj8GAR8cKsCl64uovrvMJXjd0uMkndWOhlZabZYaBmL93lHrR9zP7thtBD95z7+1Om9oWx8UNfD+Y5GgVwd26q2LR/nXw1oXKLlSD/4zPrNCEXjI0hYZ2QV1uC652wNJfuq8Yy0w/G3srRG5GdPML11IyAUEvHmiBci22jcCJhU8Hkrf1rzJxX9fDs2POWt/00JMJHsGZnIRAtbaXk58nDPjnacTGJlXef4yI477aM/easuYLbzqNMj3lITI9ee7FjBPQOYNOO1GyZYMjQaPleioYRl0wcFs/ymYztYyNeIB3iwGmp0MJs1IBsRaa8L3cdnsrNXyqZA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=rYDMV+xYAj+vt81mgulndHRZ7IRpzAPGGWJkm8eu53U=;
 b=Yd2C9ZG4Nzet55icmJHz2wVhpCVBbr/fnDLIgH1Iyr+MPR1Ln+X+WW2+DhsN+jym4BU2ztGT6yoEwHRUEV73TjgYpr6CAp9iPE/0eXonGgkL611gOh0B1ydtLwHBQuC3JT7WQBt0Z71StO7f/cfw6U2GjHxVweQiyaRrXcr+cL98YKG3YDO/3FaRGnIHevIgRGn6Au2hrnNTAwUrbrDbS+eLGrN3ZcThk492NWD4MNzWoO2K0pQpDSZB5SnRQ2AZnbMxi0C8E3/uJUT5oOAealVYad22DTYZnRhFv2oAX2QQNnrR8EEidaN3oFZ/4XqVemn+A9op3wtedpGajlNhkQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 51.104.147.18) smtp.rcpttodomain=lists.openembedded.org
 smtp.mailfrom=hanoverdisplays.com; dmarc=pass (p=reject sp=none pct=100)
 action=none header.from=hanoverdisplays.com; dkim=none (message not signed);
 arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hanoverdisplays.com;
 s=selector2;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=rYDMV+xYAj+vt81mgulndHRZ7IRpzAPGGWJkm8eu53U=;
 b=CbDRHA2TCoXHLkkCEwjngSEsdjmldFd3f+O7LjRWZ6iq9Zm4nobXzU8qEMefEXZfeo4678V5NqAwI8b29ZSKYTs6kpn8BrZpmKvqyUOyiOYa8IQj+/xjfohTeThqk/dzbofjTbi+SLSv6aIvX4Q7YHrRvqQRPCiCKZbPfLODA68oH2de+6J7EtCxpjidvQ/s9R94lHOLZ8Sx8FT314bwJfJ6NEeWlADDOTl68S8HRwE3fBQ2p+lWIPbjakoJMFX+JqJNKc8lqhe4af6x/LPRAGNsn7mgdhLZtcT+CpJbaQBlL9hilb2DhXmAcQVs3aKfW3ZYdqO1OBRw7KL1rr4wWg==
Received: from PR3P189CA0012.EURP189.PROD.OUTLOOK.COM (2603:10a6:102:52::17)
 by LO0P265MB6726.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:30c::14) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8422.18; Mon, 10 Feb
 2025 08:33:44 +0000
Received: from AM2PEPF0001C712.eurprd05.prod.outlook.com
 (2603:10a6:102:52:cafe::49) by PR3P189CA0012.outlook.office365.com
 (2603:10a6:102:52::17) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.31 via Frontend Transport; Mon,
 10 Feb 2025 08:33:44 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 51.104.147.18)
 smtp.mailfrom=hanoverdisplays.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=hanoverdisplays.com;
Received-SPF: Pass (protection.outlook.com: domain of hanoverdisplays.com
 designates 51.104.147.18 as permitted sender)
 receiver=protection.outlook.com; client-ip=51.104.147.18;
 helo=xwaresmtpservice-d98dcc5ff-b6d5k.xware-eu-north-k1.o365.crossware.co.nz;
 pr=C
Received: from
 xwaresmtpservice-d98dcc5ff-b6d5k.xware-eu-north-k1.o365.crossware.co.nz
 (51.104.147.18) by AM2PEPF0001C712.mail.protection.outlook.com
 (10.167.16.182) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.10 via Frontend
 Transport; Mon, 10 Feb 2025 08:33:44 +0000
Received: from CWXP265CU009.outbound.protection.outlook.com (40.93.68.29)
 by xwaresmtpservice-d98dcc5ff-b6d5k.xware-eu-north-k1.o365.crossware.co.nz
  with Crossware for Office365 id 01302bdd-92b3-4a22-8d7f-e1fddeb7fc64;
 Mon, 10 Feb 2025 08:33:43 +0000
Received: from LO0P265MB6550.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:2d1::10)
 by CWXP265MB2693.GBRP265.PROD.OUTLOOK.COM (2603:10a6:400:ad::13)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
 id 15.20.8422.19; Mon, 10 Feb 2025 08:33:42 +0000
Received: from LO0P265MB6550.GBRP265.PROD.OUTLOOK.COM
 ([fe80::ec79:86af:7924:68d3])
 by LO0P265MB6550.GBRP265.PROD.OUTLOOK.COM ([fe80::ec79:86af:7924:68d3%5])
 with mapi id 15.20.8422.015; Mon, 10 Feb 2025 08:33:42 +0000
X-MAIL_SIG_CONFIGNAME: Hanover Ext (All)
X-MAIL_SIG_CONFIGNAMEPLIED: Hanover Ext (All)
From: Chris Moore <cmoore@hanoverdisplays.com>
To: "openembedded-core@lists.openembedded.org"
	<openembedded-core@lists.openembedded.org>
Subject: [PATCH] psplash.c: fix crash from length becoming negative
Thread-Topic: [PATCH] psplash.c: fix crash from length becoming negative
Thread-Index: AQHbe5Z90qkkEXAegEW39YTtaMLtug==
Date: Mon, 10 Feb 2025 08:33:42 +0000
Message-ID: 
 <036b2d9feb26fd94e2f80d6fc46ede8c2775e6d8.camel@hanoverdisplays.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
X-MAIL_SIG_CACHEID: 9838
x-ms-traffictypediagnostic: 
	LO0P265MB6550:EE_|CWXP265MB2693:EE_|AM2PEPF0001C712:EE_|LO0P265MB6726:EE_
X-MS-Office365-Filtering-Correlation-Id: bb5f4f3d-a848-424c-114a-08dd49ada151
X-MAIL_SIG_ADMINUNIT: none
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: 
 BCL:0;ARA:13230040|376014|1800799024|366016|38070700018;
X-Microsoft-Antispam-Message-Info-Original: =?utf-8?q?jOnAY5Q5lYLPUROp5wchsl?=
	=?utf-8?q?sMq3o448RSxdN1xTAg1MbGSYTF716QjRS/MimPP2y+BQFUoCdfViBmi21AFoaTqjp?=
	=?utf-8?q?WkxG5KY+a8ZkriA3Zjcok0o430UMAXim8FVnXRCtoy0DTlD5vkZf/3e2uxf3DCdPC?=
	=?utf-8?q?rggwcWt0r9d1/3Gn2iAKTOxX5EsapGuAaZwpLskedbLsHGDfx5JVzuEoFnidLDvha?=
	=?utf-8?q?7KweoYu6UYtkow3Ucr9ll3gOEqVaqYtDhKZr7i5guNCMV2SI7gyXjOHBv3JaXJVa3?=
	=?utf-8?q?3hSmcbt79GySi74+p3FuTQreayQHeh7dnCLQrb6lyxeCq1uMIsVz6pURqmYYOO+0Z?=
	=?utf-8?q?6ans51/JFxY503bn48Mt4CsHNQWIznPTBg4XqAcL6u+0L1ooeRpER3ZOGAUcpExaf?=
	=?utf-8?q?qa0FVS4DUYnNqu+YI8c9JCiOhvOmfEvqWvDdCiaOI2HPJ22/3z5LFA2h3kSwSpDAH?=
	=?utf-8?q?rQid63AKbbfQYX9QeugYXI4wdxpURSd4pJlIGf33XnjoKr8IiSRbHsLg9QCgQ1FgJ?=
	=?utf-8?q?5CXbto64BCFz6Peq+XQuJWFo8z6gi3EergA/K8qsQZN8IIUCR/4kBF1kIYGnXLWKw?=
	=?utf-8?q?VS4alYoWxwEWnQsCejPkjla1FAkvli+ht5iOZerrsBdRJz1p/VIh3CUKt/Lk2PuJM?=
	=?utf-8?q?vAeTwGfWJck5LtRHbJChdb386sKziSd/XiVyH30JLc1QvyNaw37leHDiWjD/BaMH4?=
	=?utf-8?q?fQVa3AsrhG6JvmL8sXxf6DnPagxVySik+vjEbOFGNLxiVoiyCrjDHn2J5xfCcTtcz?=
	=?utf-8?q?CWm1xM70S1iD34t7pw7gfEgiRCCY+esjvwnktVEKjBjlGToIkgiHxgcYWQ9EbA10j?=
	=?utf-8?q?wcUfsQyxMMoNzYF8YAQRNe71yxNERhQdvVoBfBWrn4oh4I1yu7EuFJkNbBmdPBvd8?=
	=?utf-8?q?rw/JygqH+Oh9AVSP4ClTUFuvYpcqsDKvhI799p60A1M50OeBG0jb4I5gKismnuV08?=
	=?utf-8?q?KrWDfRMX+efmhgajvtH5GJGMnII841WHaJCYBjNExbBOg5KqHq2EQyBX3iFZ8sKDD?=
	=?utf-8?q?WqM9gqJyaXSb6OBKvAR8Gf5Rb1rgblnv3EIQZwu7YofTC11iYrTt/u0tiIsMtebcg?=
	=?utf-8?q?+f9g1IeFKD4bb1KLiT8AvcIWUQfuV7ipFPiafDCgkVB1eZU8s1cVtoaP7c30JAYzW?=
	=?utf-8?q?EaZpltkzA0z4yypKUJu5aOdMb5HNjoeLbtN+ZWVzfw1zERA47aE/Jqv+3KyrFckr6?=
	=?utf-8?q?m1mXLRs+/75VtFi76GSoY60FMhMP/HRZiaYU2AEAZ+LuUfIcpR2l4ejqHT+9Lhd1U?=
	=?utf-8?q?zZnEB95rWlhRhC6aq2ZOzpimu5K91qxiLGlgzq4R/gdXalrEuNn3bVpjEUZWT4cZK?=
	=?utf-8?q?es0VFxT5kXMpFf+o8LhihKIZk6bXtIMV9KLik0GfBT+c56qnmtrryXwb1ZMYxM63m?=
	=?utf-8?q?zdMwNNOqwq7JEhrF6OR4?=
X-Forefront-Antispam-Report-Untrusted: 
 CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LO0P265MB6550.GBRP265.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1102;
X-CWesigProcessed: Y
X-MAIL_SIG_VERSION: 0.2.733
X-MAIL_SIG_SERVER: 
 xwaresmtpservice-d98dcc5ff-b6d5k.xware-eu-north-k1.o365.crossware.co.nz
Content-ID: <133A8D218571B44294A4847A577A5B67@GBRP265.PROD.OUTLOOK.COM>
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CWXP265MB2693
X-EOPAttributedMessage: 0
X-CrossPremisesHeadersPromoted: AM2PEPF0001C712.eurprd05.prod.outlook.com
X-CrossPremisesHeadersFiltered: AM2PEPF0001C712.eurprd05.prod.outlook.com
X-MS-Exchange-Transport-CrossTenantHeadersStripped: 
 AM2PEPF0001C712.eurprd05.prod.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 
	3bd292dd-1556-45d0-7826-08dd49ada02a
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: 
	BCL:0;ARA:13230040|376014|35042699022|36860700013|82310400026|1800799024|14060799003|13003099007;
X-Microsoft-Antispam-Message-Info: =?utf-8?q?4KQkJ6JxT/uqffNZBBI0VD7XY8GJVmm?=
	=?utf-8?q?D2tAh41bqsNBPo+VPVg5xdWJHAxpqfiXfYPg3ZMC8aL2lpulVqI/2CkWOAtU0+d7i?=
	=?utf-8?q?mOl4kUvlC4nt4wS7ewUB4LI/Iap4TnNYcAcWd5Mq8bcObkDFrXsGaZqG1Y/odm0lr?=
	=?utf-8?q?zaFFfxVUV/67wLd2NDh4vzWTu+vR1n62cb/2xpmA13PiRA818qgtYdrINDeDmf+GT?=
	=?utf-8?q?/ktz9VxLVYKn4Q0OSkAcOyT/k3Tzmda3MGIdrzxfYwu0G3QMrVHCevvz08PA1BQ3i?=
	=?utf-8?q?Aw1cfOzFafvq0OfJktbDjEk5YaCrf5R3mzs6XhVttva+mhyUksOJAU+WWieL2v4w/?=
	=?utf-8?q?w7dCLlVNmJY+uXV2gI6eDNKmYoOTMzXeNFZZxMy3UtGhV3yUvjMun4Ga8UL3JwJKJ?=
	=?utf-8?q?Ftccb3VEonemGfKYKfY2owYi/BhlfCaN0vzp+Sisy1lXphDUaLd7DfxCcdHzfwOKD?=
	=?utf-8?q?EDFn+NmIBV89xj7cHQbBEkj3U7F5zHrIr6shAL9CMhOu3iPFsaguZt07VWD4zFrwZ?=
	=?utf-8?q?7EXeXO8CWSQ9iG2iuijGOe5QEV2kdZsAAYKJbwspsoYN+8NKhHBghjlHnxeIuRdk+?=
	=?utf-8?q?sbCIPa4sq3ybtrFTh7+bdvznjSHPhX5cmfldzR0oB10s1ZogBHWnm+Yw+J3wz6Wg/?=
	=?utf-8?q?c8VcgS1oogQqyYfKmrZ9Qfw8VdA0f7fqQhrus9KRuDkrG+OWwxyY66HBXyGwWdeat?=
	=?utf-8?q?zYWMPeWy3xh0Gnp9WBsXblGlKEuRU2wnQI/BWZ4l1kTqksWI3py4EFM9OaYJE6azy?=
	=?utf-8?q?AVePn/mA9730liJnmFo/OuTmI2w0VESRO0Dbk5aABpga2h7eNUN7jgxWYgWnVVbWj?=
	=?utf-8?q?G6DcGGXr8jerFag/sZf/NK5s87exFVQ0R2PO95gxCTi/befGadLuyRt3hTxWeOsko?=
	=?utf-8?q?l5uoW+52p6a67vZHneCjndGmwpAdceYx4Y+vCCgzf4v8uHHVOz0IbTAivMW6qhZ33?=
	=?utf-8?q?KhrY8+rOONbJABekfvXnaQxCim7yqsAUoZ/77XjJWBHq2rvDfcuw2LEeTJ1cMTmNW?=
	=?utf-8?q?byi7nCnX8ZNIZjefpsTDlOTJJilxggSTN7Iz27QVZNouIT8JaaTG70sESPN+yZGB3?=
	=?utf-8?q?YA2AfzOly9UYXrxbbousX72TLOROTilrbX/29l5vL83uuTHSkVfuUZ6tzfSPMP064?=
	=?utf-8?q?jAcC+6VOyh5Ww7c2NNSMWRfB1e4WkQORMpAftR9fR33Re5b/GB061zbBL0wXRiBym?=
	=?utf-8?q?zzFQ9kSw7KptxMhnmgHUfibrNnIvPbAW2R1u1ChfQzzDZHxRvA/YCfm6DsbWLn5C3?=
	=?utf-8?q?xENS0PgsZs1w0ay5nvY3xfd036ibGjV7iHPZVaNed88GbAPKk/ERxEQlFZTNnJQ21?=
	=?utf-8?q?cEcW17guHniz3FajVM+xsq7BnYbC8oYTxXZjf7DgrkcJdaeu+F0jpLg=3D?=
X-Forefront-Antispam-Report: 
	CIP:51.104.147.18;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:xwaresmtpservice-d98dcc5ff-b6d5k.xware-eu-north-k1.o365.crossware.co.nz;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(35042699022)(36860700013)(82310400026)(1800799024)(14060799003)(13003099007);DIR:OUT;SFP:1102;
X-OriginatorOrg: hanoverdisplays.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Feb 2025 08:33:44.0780
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 bb5f4f3d-a848-424c-114a-08dd49ada151
X-MS-Exchange-CrossTenant-AuthSource: 
 AM2PEPF0001C712.eurprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Id: a8520dec-67a9-412e-9a33-fcd2b3b5963b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=a8520dec-67a9-412e-9a33-fcd2b3b5963b;Ip=[51.104.147.18];Helo=[xwaresmtpservice-d98dcc5ff-b6d5k.xware-eu-north-k1.o365.crossware.co.nz]
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO0P265MB6726
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Mon, 10 Feb 2025 08:33:56 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/211080

Fixes [Yocto #14806]

If there is an error in read(), it returns -1 but this is just added to
length without checking first. This can lead to a runaway negative
value
for length which eventually crashes when memchr() is called with the
negative value.

The fix is to check the return from read() first and handle the error
state.

Signed-off-by: Chris Moore <cmoore@hanoverdisplays.com>
---
 psplash.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

   char          *end;
@@ -170,15 +171,16 @@ psplash_main (PSplashFB *fb, int pipe_fd, int
timeout)
 	  return;
 	}
       
-      length += read (pipe_fd, end, sizeof(command) - (end -
command));
+      ret = read (pipe_fd, end, sizeof(command) - (end - command));
 
-      if (length == 0) 
+      if (ret <= 0) 
 	{
 	  /* Reopen to see if there's anything more for us */
 	  close(pipe_fd);
 	  pipe_fd = open(PSPLASH_FIFO,O_RDONLY|O_NONBLOCK);
 	  goto out;
 	}
+      length += ret;
 
       cmd = command;
       do {
-- 
2.45.2


Chris Moore 


Embedded Software Engineer


 


@ cmoore@hanoverdisplays.com 
T   +44 1273 477528 


www.hanoverdisplays.comHanover Displays Ltd. Southerham House, Southerham Lane, Lewes, East Sussex BN8 6JN, UK


Registered in England No: 1876684

diff --git a/psplash.c b/psplash.c
index ee1af6b..0db0aa4 100644
--- a/psplash.c
+++ b/psplash.c
@@ -140,6 +140,7 @@ psplash_main (PSplashFB *fb, int pipe_fd, int
timeout)
 {
   int            err;
   ssize_t        length = 0;
+  ssize_t        ret = 0;
   fd_set         descriptors;
   struct timeval tv;